<?php 
function is_login($userName,$passWord){
include(dirname(__FILE__) . '/config.php');

$con=mysqli_connect($host,$user,$pass,$db);

// Check connection
if (mysqli_connect_errno()) {
  die ("Failed to connect to MySQL: " . mysqli_connect_error());
}

$sql="SELECT * FROM user where username='".mysql_real_escape_string($userName) ."' and pass=sha('".mysql_real_escape_string($passWord)."')";


$result = mysqli_query($con,$sql);
if(!$result){
    die(mysqli_error($con).':'.$sql);
}
$is_login=0;
while($row = mysqli_fetch_array($result)) {
$is_login=1;    
}

mysqli_close($con);
if($is_login==0){
header("Location: auth.php");
die();
}

return $is_login;
}

$user_name=$_POST['username'];
$pass=$_POST['password'];

if(is_login($user_name,$pass)){
session_start();
$_SESSION['is_logedin']=1;
require_once('user/users_lib.php');
$user_detail=get_user_detail_by_name($user_name);
$_SESSION['id']=$user_detail['id'];
$_SESSION['username']=$user_detail['username'];
$_SESSION['first_name']=$user_detail['first_name'];
$_SESSION['last_name']=$user_detail['last_name'];
$_SESSION['image']=$user_detail['image'];
$_SESSION['role']=$user_detail['role'];
header("Location: dashboard.php");
die();
}
?>